69 matches found
GHSA-V54H-CP2W-9X4G Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps
Summary coder open app opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the $SESSIONTOKEN placeholder the CLI replaces it with the user's real session token before handing the URL to the OS open handler. Note: Practical exploitation requir...
Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps
Summary coder open app opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the $SESSIONTOKEN placeholder the CLI replaces it with the user's real session token before handing the URL to the OS open handler. Note: Practical exploitation requir...
EUVD-2026-40052
Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...
CVE-2026-22078
Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...
Astra Linux – Vulnerability in Firefox
Malicious websites may have been able to confirm user intent through tapjacking. This could have led users to approve the launch of external applications without realizing it, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...
CVE-2022-4987
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a local attacker to execute arbitrary binaries. Due to insufficient path sanitization, an attacker can place a malicious binar...
CVE-2022-4987
CVE-2022-4987 affects Hirschmann Industrial HiVision; versions 08.1.03 prior to 08.1.04 and 08.2.00 are vulnerable due to insufficient sanitization in executing user-configured external applications. An attacker who can place a malicious binary in the external application’s execution path can cau...
CVE-2022-4987
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a local attacker to execute arbitrary binaries. Due to insufficient path sanitization, an attacker can place a malicious binar...
PT-2026-30210
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a local attacker to execute arbitrary binaries. Due to insufficient path sanitization, an attacker can place a malicious binar...
CVE-2026-0870
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges...
CVE-2026-0870
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges...
CVE-2026-0870 GIGABYTE|MacroHub - Local Privilege Escalation
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges...
CVE-2009-4738
Unspecified vulnerability in JustSystems Corporation ATOK 2006 through 2009 and ATOK flat-rate service, and Just Smile 4 with the ATOK Smile module, allows physically proximate users to bypass the screen lock and execute commands with system privileges via unknown vectors related to "launching...
CVE-2025-15464
The CVE-2025-15464 entry concerns yintibao Fun Print Mobile (Android, ARM64) with version 6.05.15 affected. The issue is an exported PandoraEntry activity that processes unvalidated external intents, enabling external applications to gain application context and directly launch Gmail with inbox a...
PT-2026-1770
Name of the Vulnerable Software and Affected Versions Gmail affected versions not specified Description An exported activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security controls. This allows unauthorized access to Gmail...
UBUNTU-CVE-2025-11716
Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability was fixed in Firefox 144 and Thunderbird 144...
EUVD-2020-17893
Malware in sbrugna...
EUVD-2009-4702
Malware in sbrugna...
EUVD-2025-8103
Malicious code in bioql PyPI...
EUVD-2023-56756
Malicious code in bioql PyPI...